8-10 years experience with Security Penetration, Auditing and forensic analysis

Experience with Sidewinder Firewalls

Possess security certifications such as CISSP or GIAC

Basic Requirements:

Bachelor’s degree in Information Security or a related technical field

8-10 years of experience in the field of Information Technology

5-8 years of experience in a technical security role in one of the following areas: malware analysis, network security, operating system security, Internet/web security or endpoint security

Understanding of malicious systems behavior and malware

The field of computer forensics is the information security branch of law enforcement and is closely related to forensic science and criminal justice work, therefore, most computer forensic analysts work for law enforcement agencies.

The role of the analyst is to recover data like documents, photos and e-mails from computer hard drives and other data storage devices, such as zip and flash drives, that have been deleted, damaged or otherwise manipulated.

Analysts often work on cases involving offenses committed on the Internet (‘cyber crime’) and examine computers that may have been involved in other types of crime in order to find evidence of illegal activity.

As an information security professional, a computer forensic analyst may also use their expertise in a corporate setting to protect computers from infiltration, determine how a computer was broken into or recover lost files.

Use technical skills to hunt for files and information that have been hidden, deleted or lost. They help detectives and other officials analyze data and evaluate its relevance to the case under investigation.

Analysts also transfer the evidence into a format that can be used for legal purposes (i.e. criminal trials) and often testify in court themselves.

Certification:

Some agencies now require their analysts to be certified.

The International Society of Forensic Computer Examiners (ISFCE) and the International Association of Computer Investigative Specialists (IACIS) both offer a Certified Forensic Computer Examiner (CFCE) certification.

The IACIS awards the certification to analysts who pass their examination.

The ISFCE requires completion of Certified Computer Examiner (CCE) Board approved training, professional experience and study as well as passing an exam.

This certification must be renewed every three years.

Analysts can also obtain an Advanced Computer System Security, Computer Forensics or Advanced Computer Forensic certification through Cyber Enforcement Resources Incorporated by passing their examination and showing proof of adequate work experience or training.

This certification does not require renewal.

Must be a practicing technician with broad inter-disciplinary skills, with capability of bringing to any scale environment a solid background in information security technologies, tools, and competencies, as well as strong analytical proficiencies, knowledge of eBusiness security best practices, and a real-world perspective and application of security technology trends and advances

Experience should include, the analysis, design, and implementation of industry-standard information security programs on client/server, mid-range, network, and distributed computing environments, development of standards, process, procedure, guidelines, and controls, and extensive experience in regulatory compliance

An in-depth knowledge of information classification, forensics investigations, incident response and tracking, and risk management and assessment methodologies and programs

Must have demonstrated experience implementing/deploying security initiatives that require partnership with other IT areas

Typical Responsibilities:

Monitoring client networks in the enterprise network environment to identify and prevent unauthorized use from both internal and external sources

Identify, resolve, and report security violations in a timely fashion to protect and prevent network resources and data from unauthorized users

Research and stay current on all security technologies, issues, and vulnerabilities, including security vendor**s products; * Incident identification and response.

This includes correctly identifying and evaluating incidents to determine hoaxes, true incidents, or alerts

Provide analysis support to the response and execution of computer forensics investigations, ensure the quality of all security deliverables, ensure that all security work complies with current security policies and procedures, and identify areas of integration and improvement of current processes

Identify projects to enhance the client

s cyber-security posture and mitigate vulnerabilities and risks in a diverse OS and application environment

Works independently and dependently within a business/client area and assists at the enterprise level to influence the strategic and technical decisions during all phases of a project (Strategic/Technical).

Knows relevant issues and considerations in implementing and supporting security programs, controls, processes and practices within an enterprise (Strategic).

Knows relevant issues and considerations in selecting both technical software and hardware packages and vendors including capabilities, clients who have installed them, and user experiences with them (Technical).

Provides leadership and work guidance to peers and less experienced personnel (Leadership).

Communicates in formal presentation settings including medium to large sized groups of key decision makers at the executive level, tailors presentations to needs and interests of the audience. (Communication).